[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1510
  • Last Modified:

Forcing Win2k to delete profiles on logout

This is one which I have really researched a lot on
the internet and could find no answers for.

We have a network of win2k workstations on a domain
with 2 domain controllers which all users are
authenticated from.

The problem is that the workstations only have 2GB hard
disks which are almost full because each time another
user logs on win2k creates a profile for them on the
local hard disk - each profile is 1.3MB and we have
400 users so you can imagine how much disk space is
wasted.

We have setup the "default user" profile perfectly and
we want all users to use this one profile when they
login and not have another created on the hard disk.

Either that or we want the system to delete the local
profile each time a user logs off and then recreate it
when they log back on. (we don't want to
use roaming profiles as all users need to have the
same profile anyway).

Any help much appreciated.
0
kcs_tec
Asked:
kcs_tec
  • 6
  • 4
1 Solution
 
ocon827679Commented:
Is this an NT domain or a 2000 AD domain?  If it's a 2000 domain you can use a group policy, but the user must be using a roaming profile.  The policy is listed in the User Policies in the Admin Templates area.  It's there just for this reason, to save space on the hard drive.

If you're using an NT domain you might try to add the registry entry that the above policy applies.  The key is HKLM-Software-Policies-Microsoft-Windows-System, add value DeleteRoamingCache as a dword 1.  But again, I think that you need to be running roaming profiles for this to work.
0
 
ocon827679Commented:
Just thought of another way.  There is a local security policy to limit the number of profiles cached on the machine.  Open the Local Security Policies in the Administrative Tools menu of Control Panel.  Under local policies, security policies you will see a policy to limit the number of cached logons.  It defaults to 0, which I believe turns off the policy.  Set it to 1.  This will only allow one profile to be stored at a time.  The corresponding registry entry is HKLM - Software - Microsoft - WindowsNT - Current Version - Winlogon.  The value is cachedlogonscount with a Reg_sz of 1 or whatever number of profiles you want to cache.
0
 
kcs_tecAuthor Commented:
Thankyou very much ocon827679 for your input which looked
to be just the thing I was looking for but strangely
the Win2k workstation still continues to store many
local profiles despite the registry change you mentioned
above, so I guess that doesn't work  :-(

I looked on the internet and read about a small utility
called delprof.exe which looks like it will be what I
need but unfortunately microsoft, in their infinite greed,
have seen fit to remove all download links to this
utility and you can only seem to get it be buying their
resource kit CD which we don't have time to get hold of.

Could any helpful person kindly give me a link to download
this utility or email it to me and then I will gladly
close the question and give them the points.

Thanx.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
ocon827679Commented:
0
 
kcs_tecAuthor Commented:
Thanks for the link ocon827679. I got the file no problem
but every time I try and run it on the win2k workstation
I just get a fatal exception and win2k closes the program.
I have tried running the program as local administrater
and as a domain admin but no difference.

Any ideas?
0
 
ocon827679Commented:
No, I've never played with the program.  Maybe someone else can weigh in on it.  There may be a problem with W2K compatibility.  I'll check the W2K resource kit and see if there is a newer version.
I don't understand why the local policy to limit the number of profiles cached didn't work.  I tested it before updating this question and it worked fine.  Maybe you need to be using roaming profiles for it to work, I'm not sure other than to say I know that the local admin profile was deleted.  Did you re-boot after applying the policy??
0
 
ocon827679Commented:
Looks like MS put the lock on this tool.  It's not in their list of free tools, so you have to either purchase technet or the server resource kit.  The version that comes with the W2K server resource kit is 5.00.2134.1.  What a friggin drag!!
0
 
kcs_tecAuthor Commented:
Yeah it looks like I need a new version of delprof for
win2k - trust MS to be consisten eh..damn pain the
arse though. I don't have time to go and buy the resource
kit. Anyone out there feel like emailing the tool to me?

Regarding the policy setting - I think that it only
deletes the cached roaming profile and doesn't apply
to stored local profiles as it made no difference on the
machine (yeah I did reboot after changing the setting).
0
 
ocon827679Commented:
I think it's against EE policy for someone to do that, besides you didn't leave an e-mail addr.
0
 
kcs_tecAuthor Commented:
I've got a mate who can email me the prog. Cheers for
all the input ocon.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now